Thursday, September 17, 2009

I've decided to write in the post about some of my experience with different firewalls for Windows. I needed a firewall with such features as easy and detailed management, possibility to work via remote access with hardware and virtual computers, for both 32- and 64-bit Windows versions, XP and Vista. Here are what I used and my impressions from that.

Windows firewall comes along with both 32- and 64-bit OS versions. XP firewall does not control outbound traffic what is not acceptable for me, Vista firewall does, but its setup is a nightmare - it does not show what process is really sending something out. Since it is not clear what is going on and corresponding rules should be defined manually it appears very difficult to set up the firewall. From what I read, Microsoft put a proper control over the firewall into Windows Live OneCare and there was a hope that soon it would become free of charge, but it is still not - the price is $49.95.

ZoneAlarm is very easy firewall to deal with. I've been using it for a couple of years. It shows outgoing processes and asks whether you want it to be blocked or pass through, once or forever - this is the very right way for firewall to help in setting the rules. At present ZoneAlarm seems to have a free for personal use firewall with both 32- and 64-bit versions for Vista, XP still gets it as 32-bit only: http://www.zonealarm.com/security/en-us/system-requirements-zonealarm-products.htm. ZoneAlarm disadvantages are:

not very detailed rule settings;

a firewall alert window is not clickable via VNC remote session, what made the remote session very conditional – if firewall shows an alert it is necessary to go to that specific computer and click the firewall pop-up window button.

Because of those drawbacks I decided to move to another firewall about a year ago.

Comodo - I started using Comodo about a year ago when it was a firewall only (now it comes along with antivirus and defense). I needed more control over the function than I could get from free Zone Alarm and Comodo offered that. Later, when I got a media-PC with Vista x64, Comodo again was one of not many free for personal use supporting 64-bit Windows and the most advanced and rich one among them in features and depth of control. To be honest, at that time Comodo had two main disadvantages from my point of view:

It was too annoying - it required confirmation for every step of a process carrying out. It was educational to see what is going on under the hood, but so many alerts were pretty disturbing (although after setting a permanent rule, of course, it calmed down);

Somehow it blocked remote NX session from one network computer to a virtual Linux computer running on another x64 Vista network machine (pretty specific case I think, but I needed that). Everything like Internet and local network access from the virtual computer was working fine, but not the NX session - and it was the Comodo firewall on the Vista host which blocked the connection.

That was in the past, the current versions are free from the both of the drawbacks and work very stable on my different Windows computers: 32- or 64-bit OS, different hardware brands; there is no problem with NX or any other type of remote access to hardware or virtual machines I use.

Sphinx - I used it at the time when Comodo had the problems I described above and there were very limited number of available 64-bit firewalls free for personal use. Sphinx was one of them. As its description suggests Sphinx is not a complete firewall, it is a control over the existing Windows firewall and Sphinx compensates the lack of management in it: Sphinx generates pop-up alerts for traffic and sets the firewall rules according to a user choice. It's a pity the rule settings in the free version are very poor: just "Allow" or "Block", all rules are in the same general zone - more detailed control is available only with the commercial version of Sphinx. Nevertheless it did the job.

Nowadays much more firewalls are available for free for personal use: Ashampoo, PCTools, Outpost, etc. - just search. The choice of x64 versions has become better too. Some of them, Comodo, for example, come in a bundle with other protection tools as antivirus and malware defense. At present I put Comodo in charge of security on all of my Windows computers and it seems it's doing the job very well: I have not noticed any system or application slowdown, antivirus is a little bit too alert in "Heuristic" mode (jumps up on some of safe programs), but it's a rare case and it can be easily pacified. Comodo also offers commercial versions of firewalls and many other network security products for different cases - if interested you can check it out following the sponsor link: